Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/AKpMQvIIqQzXRs3Ululs7jvONDY.roa
File: AKpMQvIIqQzXRs3Ululs7jvONDY.roa (raw, json)
Hash identifier: BIy70VCzVM+Xa+CdmKbiFZkREDOaRaKjJ7xUey551TY=
Subject key identifier: 00:AA:4C:42:F2:08:A9:0C:D7:46:CD:D4:96:E9:6C:EE:3B:CE:34:36
Certificate issuer: /CN=a69749fa2337db33a76474eb812c034e30509d2a
Certificate serial: 019424B3B6B436A8B6B5412B432A42FDC627
Authority key identifier: A6:97:49:FA:23:37:DB:33:A7:64:74:EB:81:2C:03:4E:30:50:9D:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppdJ-iM32zOnZHTrgSwDTjBQnSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/AKpMQvIIqQzXRs3Ululs7jvONDY.roa
Signing time: Thu 02 Jan 2025 01:49:05 +0000
ROA not before: Thu 02 Jan 2025 01:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 156.118.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/ppdJ-iM32zOnZHTrgSwDTjBQnSo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/ppdJ-iM32zOnZHTrgSwDTjBQnSo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ppdJ-iM32zOnZHTrgSwDTjBQnSo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 16:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:b6:b4:36:a8:b6:b5:41:2b:43:2a:42:fd:c6:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a69749fa2337db33a76474eb812c034e30509d2a
Validity
Not Before: Jan 2 01:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00aa4c42f208a90cd746cdd496e96cee3bce3436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:74:1e:3a:76:b0:04:bf:90:be:76:0f:42:e2:
9c:72:af:8f:a3:da:a1:d8:06:11:0a:bf:7c:bb:86:
b0:a5:f5:64:3f:ea:52:0e:32:1f:0e:c5:6c:2a:3c:
d2:00:f9:b2:60:8b:a3:e8:11:9b:e6:95:df:7f:5e:
df:e8:b2:89:7b:8a:0a:3f:ab:f1:7e:31:a5:58:54:
73:2b:e0:b6:59:af:8d:db:dc:cb:8d:ac:fc:3e:db:
46:b5:18:c5:67:14:ab:10:1a:19:bd:6a:1a:83:2c:
0c:b1:bd:52:79:1e:c3:ea:f6:3e:28:8d:f0:df:f9:
26:50:3e:83:25:1d:3c:2c:a6:cb:38:d9:80:17:de:
88:08:9f:9c:55:87:72:9c:0c:fb:4a:f8:53:73:7a:
70:55:40:be:e9:20:d4:07:7c:2f:b6:fc:76:26:53:
58:f5:cd:8a:4c:25:f5:22:2d:82:6f:c7:72:58:b3:
a9:12:d1:0c:bd:fb:69:75:9b:5e:ee:ad:04:1c:5d:
18:38:3d:be:74:58:88:5b:52:ec:e0:07:3e:22:7d:
33:b9:6f:4c:b5:66:3a:d6:d9:82:3b:96:1e:6c:42:
29:05:8b:67:30:48:24:38:fc:95:f0:61:57:c6:13:
48:44:d6:31:7c:22:b3:de:bb:b5:e4:b6:f8:a3:f9:
21:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AA:4C:42:F2:08:A9:0C:D7:46:CD:D4:96:E9:6C:EE:3B:CE:34:36
X509v3 Authority Key Identifier:
keyid:A6:97:49:FA:23:37:DB:33:A7:64:74:EB:81:2C:03:4E:30:50:9D:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppdJ-iM32zOnZHTrgSwDTjBQnSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/AKpMQvIIqQzXRs3Ululs7jvONDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b1bf57-679f-4564-b701-cb296708dec8/1/ppdJ-iM32zOnZHTrgSwDTjBQnSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.118.2.0/24
Signature Algorithm: sha256WithRSAEncryption
08:58:14:a6:fc:6f:aa:7e:08:3e:c6:7b:d6:c2:3f:70:f3:a7:
de:ad:a6:99:5e:fb:3b:08:df:be:ee:8e:a4:58:69:8f:68:b9:
9e:24:87:28:35:60:10:f0:13:03:58:2f:b6:5b:94:e7:a3:7b:
dc:7d:b8:eb:10:e1:86:57:30:48:1b:f5:aa:33:6a:a0:b2:c5:
5c:12:3a:51:e3:a6:38:2e:3d:33:9f:e9:bf:e5:6d:76:2c:41:
f5:52:97:e9:cf:42:f2:06:49:13:42:8d:d1:21:7a:7e:82:dd:
a6:7c:4c:5a:3d:26:ab:a8:b5:b8:1d:f6:6f:26:b6:d1:15:f8:
cf:b3:3b:82:e2:94:77:f9:7b:5d:be:11:91:99:6a:bc:9c:b9:
da:64:2b:fe:20:2e:0e:27:b7:c8:0c:eb:e2:b1:9a:2a:78:66:
e7:5d:3a:d5:93:3e:44:ed:a7:a0:64:36:9a:8f:5e:bb:81:22:
03:8d:ed:cc:71:a0:b5:5c:f1:56:a1:be:7c:b7:82:7a:a9:2c:
56:7f:f3:97:46:2f:7e:5b:1c:4c:21:7b:a3:15:e2:f3:c0:39:
53:1a:5f:f8:64:d5:7d:43:d6:b8:71:8a:1e:cb:f2:ba:7a:c4:
6d:30:04:13:12:d3:06:b8:b3:b1:cf:ae:de:39:1c:8e:0e:ed:
8d:c1:9f:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks7a0Nqi2tUErQypC/cYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTc0OWZhMjMzN2RiMzNhNzY0NzRlYjgxMmMwMzRlMzA1
MDlkMmEwHhcNMjUwMTAyMDE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFhNGM0MmYyMDhhOTBjZDc0NmNkZDQ5NmU5NmNlZTNiY2UzNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3QeOnawBL+QvnYPQuKccq+Po9qh
2AYRCr98u4awpfVkP+pSDjIfDsVsKjzSAPmyYIuj6BGb5pXff17f6LKJe4oKP6vx
fjGlWFRzK+C2Wa+N29zLjaz8PttGtRjFZxSrEBoZvWoagywMsb1SeR7D6vY+KI3w
3/kmUD6DJR08LKbLONmAF96ICJ+cVYdynAz7SvhTc3pwVUC+6SDUB3wvtvx2JlNY
9c2KTCX1Ii2Cb8dyWLOpEtEMvftpdZte7q0EHF0YOD2+dFiIW1Ls4Ac+In0zuW9M
tWY61tmCO5YebEIpBYtnMEgkOPyV8GFXxhNIRNYxfCKz3ru15Lb4o/khIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACqTELyCKkM10bN1JbpbO47zjQ2MB8GA1UdIwQY
MBaAFKaXSfojN9szp2R064EsA04wUJ0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBkSi1pTTMyek9uWkhUcmdTd0RUakJRblNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iMWJmNTctNjc5Zi00NTY0LWI3MDEt
Y2IyOTY3MDhkZWM4LzEvQUtwTVF2SUlxUXpYUnMzVWx1bHM3anZPTkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iMWJmNTctNjc5Zi00NTY0LWI3MDEtY2IyOTY3MDhkZWM4
LzEvcHBkSi1pTTMyek9uWkhUcmdTd0RUakJRblNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnHYCMA0G
CSqGSIb3DQEBCwUAA4IBAQAIWBSm/G+qfgg+xnvWwj9w86feraaZXvs7CN++7o6k
WGmPaLmeJIcoNWAQ8BMDWC+2W5Tno3vcfbjrEOGGVzBIG/WqM2qgssVcEjpR46Y4
Lj0zn+m/5W12LEH1Upfpz0LyBkkTQo3RIXp+gt2mfExaPSarqLW4HfZvJrbRFfjP
szuC4pR3+XtdvhGRmWq8nLnaZCv+IC4OJ7fIDOvisZoqeGbnXTrVkz5E7aegZDaa
j167gSIDje3McaC1XPFWob58t4J6qSxWf/OXRi9+WxxMIXujFeLzwDlTGl/4ZNV9
Q9a4cYoey/K6esRtMAQTEtMGuLOxz67eORyODu2NwZ94
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:43:58 2025 by rpki-client